﻿using System;
using System.Collections.Generic;
using System.Data;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace WebApplication2
{
    public partial class WebForm1 : System.Web.UI.Page
    {
        
        protected void Page_Load(object sender, EventArgs e)
        {

        }

        protected void Button1_Click(object sender, EventArgs e)
        {
            string name = TextBox1.Text;
            string pwd = TextBox2.Text;

            string server = "server = LAPTOP-9LFBV2BF;uid = Montian;pwd = ;database = Student_db";
            SqlConnection sqlcon = new SqlConnection(server);
            sqlcon.Open();

            string sql = "select * from StudentInfo where stu_name=@name and stu_password=@pwd";
            
            SqlParameter[] pars =
            {
                new SqlParameter("@name",name),
                new SqlParameter("@password",pwd)
            };
            SqlCommand sqlCom = new SqlCommand(sql, sqlcon);
            sqlCom.Parameters.AddRange(pars);

            SqlDataReader sdr = sqlCom.ExecuteReader();
            if (sdr.Read())
            {
                Session["CurrentUserName"] = name;
                Response.Redirect("Home.aspx");
            }
            else
            {
                Literal1.Text = "登录失败！";
            }


            //DataTable dt = sql.Get(sql, pars);
            //if (dt.Rows.Count > 0)
            //{
            //    Session["CurrentUserName"] = name;
            //    Response.Redirect("Home.aspx");
            //}
            //else
            //{
            //    Literal1.Text = "登录失败！";
            //}
        }
    }
}